General

  • Target

    86e0d4571aea956a69c8b7cca22ec1be937e19242c838fc33fca4e82732bb7a8

  • Size

    302KB

  • Sample

    241108-kgq7gsyhre

  • MD5

    15860d3227c616f462fe987ffcdd7b91

  • SHA1

    623e875429b8683f1574560533a9a9da2690b2c2

  • SHA256

    86e0d4571aea956a69c8b7cca22ec1be937e19242c838fc33fca4e82732bb7a8

  • SHA512

    0789f2db6b0475d0168e8dd64e223d91bfde4395dd8db9fb068c3c525718c53cc19f08d949caffe95587ee42067c589764c51254859d31fd41886d2679f91f0a

  • SSDEEP

    3072:l8XLArFsh796WIYCt9ouTDXV1lIYNbMFjwBc5wbfRny9F4znqpN1tT+3QcxH2ocC:lpCTw9ouTDljIYpcwcgCm2Z7AiC6SQ

Malware Config

Extracted

  • Family

    redline

  • Botnet

    11

  • C2

    45.9.20.157:46257

  • Attributes

    auth_value: 344c26d7f808f9c29e47633026f19aa5
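The extracted config above gives two things worth hunting on immediately: the C2 socket 45.9.20.157:46257 and the sample's file hashes. The following is an added example, not part of the sandbox report, that runs those indicators over constructed log samples (a Zeek conn.log-style TSV and simplified Sysmon key=value lines; both the sample lines and the field layout are assumptions made here, not formats this page documents). A full ip:port match is reported as a confident C2 hit; an IP-only match is reported separately, since stealer builds commonly rotate the port while reusing the host.

```python
import re
from dataclasses import dataclass

# Indicators copied from the report above (sample 241108-kgq7gsyhre).
C2_IP = "45.9.20.157"
C2_PORT = 46257
SAMPLE_SHA256 = "86e0d4571aea956a69c8b7cca22ec1be937e19242c838fc33fca4e82732bb7a8"
SAMPLE_MD5 = "15860d3227c616f462fe987ffcdd7b91"


@dataclass(frozen=True)
class Hit:
    source: str      # which log the hit came from
    line_no: int     # 1-based line number in that log
    indicator: str   # "c2_socket", "c2_ip_only", "sha256" or "md5"
    detail: str      # the matching field value


# Constructed Zeek conn.log-style lines (assumed column order:
# ts uid id.orig_h id.orig_p id.resp_h id.resp_p proto). Not from the report.
ZEEK_CONN = """\
1731061201.123\tCk9x1\t10.0.0.12\t51222\t45.9.20.157\t46257\ttcp
1731061202.456\tCk9x2\t10.0.0.12\t51223\t142.250.74.46\t443\ttcp
1731061203.789\tCk9x3\t10.0.0.33\t51224\t45.9.20.157\t80\ttcp
"""

# Constructed, simplified Sysmon lines (EventID 1 = process create with Hashes,
# EventID 3 = network connect). Not from the report; the hashes on line 1 are
# the sample's, the others are dummy values.
SYSMON = """\
EventID=1 Image=C:\\Users\\a\\AppData\\Local\\Temp\\inv.exe Hashes=MD5=15860d3227c616f462fe987ffcdd7b91,SHA256=86e0d4571aea956a69c8b7cca22ec1be937e19242c838fc33fca4e82732bb7a8
EventID=1 Image=C:\\Windows\\System32\\notepad.exe Hashes=MD5=00000000000000000000000000000000,SHA256=0000000000000000000000000000000000000000000000000000000000000000
EventID=3 Image=C:\\Users\\a\\AppData\\Local\\Temp\\inv.exe DestinationIp=45.9.20.157 DestinationPort=46257
"""


def scan_zeek_conn(text: str) -> list[Hit]:
    """Match the responder host/port of each connection against the C2 socket."""
    hits: list[Hit] = []
    for n, line in enumerate(text.splitlines(), 1):
        if not line or line.startswith("#"):
            continue
        fields = line.split("\t")
        if len(fields) < 7:
            continue
        resp_h, resp_p = fields[4], fields[5]
        if resp_h != C2_IP:
            continue
        if resp_p.isdigit() and int(resp_p) == C2_PORT:
            hits.append(Hit("zeek_conn", n, "c2_socket", f"{resp_h}:{resp_p}"))
        else:
            # Same host, different port: lower confidence, still worth a look.
            hits.append(Hit("zeek_conn", n, "c2_ip_only", f"{resp_h}:{resp_p}"))
    return hits


_KV_RE = re.compile(r"(\w+)=(\S+)")
_HASH_RE = re.compile(r"(MD5|SHA256)=([0-9a-fA-F]+)")


def scan_sysmon(text: str) -> list[Hit]:
    """Match file hashes on process-create lines and the C2 socket on network lines."""
    hits: list[Hit] = []
    for n, line in enumerate(text.splitlines(), 1):
        kv = dict(_KV_RE.findall(line))
        image = kv.get("Image", "?")
        for algo, digest in _HASH_RE.findall(kv.get("Hashes", "")):
            digest = digest.lower()
            if algo == "SHA256" and digest == SAMPLE_SHA256:
                hits.append(Hit("sysmon", n, "sha256", image))
            elif algo == "MD5" and digest == SAMPLE_MD5:
                hits.append(Hit("sysmon", n, "md5", image))
        if kv.get("DestinationIp") == C2_IP:
            port = kv.get("DestinationPort", "?")
            kind = "c2_socket" if port == str(C2_PORT) else "c2_ip_only"
            hits.append(Hit("sysmon", n, kind, f"{C2_IP}:{port}"))
    return hits


def hunt() -> list[Hit]:
    """Run every scanner over the constructed samples and return all hits."""
    return scan_zeek_conn(ZEEK_CONN) + scan_sysmon(SYSMON)


if __name__ == "__main__":
    for hit in hunt():
        print(f"{hit.source}:{hit.line_no} {hit.indicator} {hit.detail}")
```

The hash matches tie the file on disk to this sample; the socket match ties a host to the extracted C2 regardless of which file made the connection. In practice, swap the constructed strings for a real conn.log and Sysmon export and keep the two match kinds separate, so an IP-only hit is triaged rather than auto-escalated.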

Targets

    • RedLine

      RedLine Stealer is an information-stealing malware family written in C# (.NET), first observed in early 2020.

    • RedLine payload

    • Redline family

MITRE ATT&CK Enterprise v15

Tasks